1.目录中存放app文件
2.打开文件
3.执行命令otool -arch arm64 -l ./QQStock | grep -B 1 -A 10 "LC_SEGM" | grep -B 3 -A 8 "__TEXT"
4.解析命令xcrun atos -arch arm64 -o ./QQStock 0x100633614
lideiMac:4.0.1 lixiang$
lideiMac:4.0.1 lixiang$ cd /Users/lixiang/Desktop/crash/4.0.1/QQStock.app
lideiMac:QQStock.app lixiang$ otool -arch arm64 -l ./QQStock | grep -B 1 -A 10 "LC_SEGM" | grep -B 3 -A 8 "__TEXT"
Load command 1
cmd LC_SEGMENT_64
cmdsize 1032
segname __TEXT
vmaddr 0x0000000100000000
vmsize 0x0000000000ae0000
fileoff 0
filesize 11403264
maxprot 0x00000005
initprot 0x00000005
nsects 12
flags 0x0
lideiMac:QQStock.app lixiang$ xcrun atos -arch arm64 -o ./QQStock 0x100633614
-[CTipsListViewController alertView:clickedButtonAtIndex:] (in QQStock) (CTipsListViewController.m:538)
lideiMac:QQStock.app lixiang$
需要计算出绝对地址(基地址+偏移地址)
QQStock 0x0047e105 QQStock + 4219141
0x100406105 = 0x100000000 + 0x406105(4219141)
)